Update SCrypt tests

2024-06-29 11:40:45 +12:00 · 2022-06-24 14:30:39 +02:00 · 2022-06-24 14:30:39 +02:00 · 5a10a9494f
parent 06d145777e
commit 5a10a9494f
2 changed files with 15 additions and 28 deletions
--- a/app/controllers/api/users.php
+++ b/app/controllers/api/users.php
@ -256,38 +256,24 @@ App::post('/v1/users/import/scrypt')
    ->param('userId', '', new CustomId(), 'User ID. Choose your own unique ID or pass the string "unique()" to auto generate it. Valid chars are a-z, A-Z, 0-9, period, hyphen, and underscore. Can\'t start with a special char. Max length is 36 chars.')
    ->param('email', '', new Email(), 'User email.')
    ->param('password', '', new Password(), 'User password hashed using Scrypt.')
-    ->param('passwordSalt', '', new Text(128), 'Optional salt used to hash password.', true)
-    ->param('passwordCpu', '', new Integer(), 'Optional CPU cost used to hash password.', true)
-    ->param('passwordMemory', '', new Integer(), 'Optional memory cost used to hash password.', true)
-    ->param('passwordParallel', '', new Integer(), 'Optional parallelization cost used to hash password.', true)
-    ->param('passwordLength', '', new Integer(), 'Optional hash length used to hash password.', true)
+    ->param('passwordSalt', '', new Text(128), 'Optional salt used to hash password.')
+    ->param('passwordCpu', '', new Integer(), 'Optional CPU cost used to hash password.')
+    ->param('passwordMemory', '', new Integer(), 'Optional memory cost used to hash password.')
+    ->param('passwordParallel', '', new Integer(), 'Optional parallelization cost used to hash password.')
+    ->param('passwordLength', '', new Integer(), 'Optional hash length used to hash password.')
    ->param('name', '', new Text(128), 'User name. Max length: 128 chars.', true)
    ->inject('response')
    ->inject('dbForProject')
    ->inject('usage')
    ->inject('events')
    ->action(function (string $userId, string $email, string $password, string $passwordSalt, int $passwordCpu, int $passwordMemory, int $passwordParallel, int $passwordLength, string $name, Response $response, Database $dbForProject, Stats $usage, Event $events) {
-        $options = [];
-
-        if (!empty($passwordSalt)) {
-            $options['salt'] = $passwordSalt;
-        }
-
-        if (!empty($passwordCpu)) {
-            $options['costCpu'] = $passwordCpu;
-        }
-
-        if (!empty($passwordMemory)) {
-            $options['costMemory'] = $passwordMemory;
-        }
-
-        if (!empty($passwordParallel)) {
-            $options['costParallel'] = $passwordParallel;
-        }
-
-        if (!empty($passwordLength)) {
-            $options['length'] = $passwordLength;
-        }
+        $options = [
+            'salt' => $passwordSalt,
+            'costCpu' => $passwordCpu,
+            'costMemory' => $passwordMemory,
+            'costParallel' => $passwordParallel,
+            'length' => $passwordLength
+        ];

        $user = createUser('scrypt', \json_encode($options), $userId, $email, $password, $name, $dbForProject, $usage, $events);

--- a/tests/unit/Auth/AuthTest.php
+++ b/tests/unit/Auth/AuthTest.php
@ -129,8 +129,9 @@ class AuthTest extends TestCase
        $hash = '2bc477f4160e7dc0e6bc6849ffa38a7062fec3800d937ce251cdf552609b94919c623cd07cc36ad600bc8caea8399e6f815a6d7ed96995d495ed70890d359d6d';
        $generatedHash = Auth::passwordHash($plain, 'scrypt');
        $this->assertEquals(true, Auth::passwordVerify($plain, $generatedHash, 'scrypt'));
-        $this->assertEquals(true, Auth::passwordVerify($plain, $hash, 'scrypt', ['length' => 64, 'costCpu' => 16384, 'costMemory' => 12, 'costParallel' => 2]));
-        $this->assertEquals(false, Auth::passwordVerify($plain, $hash, 'scrypt', ['length' => 64, 'costCpu' => 16384, 'costMemory' => 10, 'costParallel' => 2]));
+        $this->assertEquals(true, Auth::passwordVerify($plain, $hash, 'scrypt', [ 'salt' => 'some-salt', 'length' => 64, 'costCpu' => 16384, 'costMemory' => 12, 'costParallel' => 2]));
+        $this->assertEquals(true, Auth::passwordVerify($plain, $hash, 'scrypt', [ 'salt' => 'some-wrong-salt', 'length' => 64, 'costCpu' => 16384, 'costMemory' => 12, 'costParallel' => 2]));
+        $this->assertEquals(false, Auth::passwordVerify($plain, $hash, 'scrypt', [ 'salt' => 'some-salt', 'length' => 64, 'costCpu' => 16384, 'costMemory' => 10, 'costParallel' => 2]));
        $this->assertEquals(false, Auth::passwordVerify('wrongPassword', $hash, 'scrypt', ['length' => 64, 'costCpu' => 16384, 'costMemory' => 12, 'costParallel' => 2]));

        // ScryptModified tested are in provider-specific tests below